The source port is
an optional field, it indicates the port from which the packet was sent
and eventuallytoward which the answer is expected. If no value is set, the
default value is forced to 0.

Destination Port :
(16 bit)

It indicates the destination
port of the final peer process.

Length :
(32 bit)

It specifies in bytes the datagram
length in its entireness(header+payload).

Checksum :
(16 bit)

It develops tipical functions
as error-control on the TCP IU, added a header containing the source IP
address, the destination IP address, the number of TCP protocol and the
number (in bytes) of the UDP fragment.

The error-control procedure realized by the checksum field is optional, in
order to relieve the protocol as much as possible.

--[ 3 - How to spoof datagrams

In the OSI model, the UDP protocol exploits the IP services. The UDP service
is connectionless, it doesn't get any logical connection between the two communicating
hosts, it doesn't guarantee the sequence of the Informative Unit transfer on
the net, finally there's no certainty about the correct datagrams transfer.
One of the "vulnerabilities" of the UDP is the possibility to send
"spoofed" packets (with a faked source IP).

This is the direct consequence of the connectionsless service,realized by UDP.

--[ 3.1 - Pieces of code

In order to make this explanation clear, here is a piece of code that let you
spoof the source IP of the datagram.

(1) This piece of code calls the udp_initialize procedure that let you fill
the socket structure fields. In this particular case we put the socket's port
to 0 and the IP address as argv[1]. W.N:The Ip and the port are chosen arbitrarily,
because no reply is expected.

In the case (2), the destination's socket value are set correctly.

The step (1) let us create a spoofed datagram.

Now that we have an idea of UDP's functions, we can understand my tool better.
This program can be used in different ways, but in the complex it's surely interesting.

--[ 4 - Direct contact with my implementation

The program was idealized in 2002 as a tool to execute remotely commands, without
opening any direct logical connection with the wished server. I discarded immediately
the TCP protocol,because it is connection-oriented. Another aspect that I wouldn't
exclude was the possibility to avoid to open TCP ports, that could be easily
scanned and maybe flooded (or similar). The first version of the program included
a not very good dynamic algorithm, because it didn't supply any procedure of
commands reading from an external file, but directly from the source file. For
these reasons I coded another procedure that let you read commands to be executed
from the configuration file.

--[ 4.1 - Analysis of the Program

(This is my own program but you can create another one, this is only a concept!)

$cat server.c
#define PORT 32980 // Listening port.
#define ETC 'udp.conf' // Configuration file. It indicates the name
of the file, from which the reading of the
commands to execute will start.

You can modify the above values, as you wish.

The file "udp.conf" (not crypted), must be edited, for a correct use
as follows:

$cat udp.conf
KEY WORD:/PATH/TO/PROGRAM

example:
angelo:/home/angelo/hello

When the server will receive the key-word "angelo", it will execute
the file "/home/angelo/hello"

The tool even implements a logging procedure of all the received commands, with
date and source IP.

fd = open("server.log", O_CREAT | O_RDWR | O_APPEND,
0644);

The log file will be placed in the same directory of the program and it's name
will be "server.log".

During the implementation of the project, I have decided to crypt the configuration
file and the log file too. The crypto() algorithm is really easy; it executes
a XOR cryptation of any file's byte with the key.

The default key is:

int key = 0xff17261; // This is the cryptation Key; Change
IT!!!

You can modify it and insert another one like 0xff71678 and so on...

The "UDP.CONF" file, after being edited correctly, must be crypted
with the crypto program,that you will find in the main directory,of the package.
It's really IMPORTANT that the keys of server.c and crypto.c must be the same,
or the server program won't work at all, as it couldn't read the "udp.conf"
file correctly.

--[ 4.2 - Fast how to

Edit the "udp.conf" file following the above indications. Change the
keys of server.c and crypto.c (they must be IDENTICAL!).